Symantec Endpoint Protection 14 is blocked by macOS GateKeeper. Looking for a way around.
04/03/2018 1252 views
We have Macs in our environment that run macOS 13, which is now supported by the new SEP 14 client - Symantec A/V.
We push the installation package - SEPremote.pkg - through KACE with an installer command.
The problem is that the KACE install triggers Gatekeepr - the built-in malicious app protection in macOS which prevents unidentified applications from being installed. The users get a warning message telling them Symantec is trying to install an application, and they usually do not allow the install. We need a silent install.
I'm not sure why the Symantec installation package is not identified by Apple, and Symantec support has been unhelpful and unknowledgeable about this.
I know I can turn off gatekeeper completely by running spctl --master-disable, but I don't want to compromise our users. I'm thinking maybe turning it off temporarly, via script on KACE, and have both the managed install and the script run back to back on a specific schedule (this way we can use the script for other problematic installs), but this is a high-risk solution and I'd much rather approve only this specific install.
There must be someone else out here with a similar issue who found a solution. I'd love to hear more about it!
Thanks in advance.
Be the first to answer this question